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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33), 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent temi adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to connmunication(s) filed on 02 June 2003 . 
2a)S This action is FINAL. 2b)n This action is non-final. 

3) D Since this application is in condition for allowance except for fomnal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) ^ Claim(s) 7-20 is/are pending in the application. 

4a) Of the above claim{s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) ^ Claim(s) 1-20 is/are reiected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10)n The drawing(s) filed on is/are: a)n accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
1 1 )□ The proposed drawing correction filed on is: a)n approved b)n disapproved by the Examiner. 

If approved, corrected drawings are required In reply to this Office action. 

12) 0 The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 1 1 9 and 1 20 

13) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)nAII b)n Some*c)n None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.n Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) n Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachment(s) 

1 ) S Notice of References Cited (PTO-892) 4) □ Interview Summary (PTOSIS) Paper No(s). . 

2) n Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) dl Notice of Infomial Patent Application (PTO-152) 

3) CD Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) CD Other 
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DETAILED ACTION 



This action is responsive to communications: Amendment A, filed on 6/2/03. This action 



is made final. 



Response to Arguments 



2. 



Applicant's arguments with respect to claims 1-20 have been considered but are moot in 



view of the new ground(s) of rejection. 



Claim Rejections - 35 USC § 103 



3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



4. Claims 1-2, 4, 6-8 and 10-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Kocher (6,442,689) in view of Lee et al. ("Lee", 6,564,219). 
As per claim 1 , Kocher discloses a system comprising: 

a plurality of certificate authorities (CAs) in which each CA maintains and distributes 
digital certificates revoked by itself in the form of a certificate revocation list (CRI.), and 
different CAs may use different CRL distribution mechanisms (Kocher, Abstract, col. 2, lines 
17-31, col. 3, lines 15-18); 
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a plurality of CRL databases for storing the consolidated CRLs from multiple CRL 
retrieval agents and/or the replications of CRLs, the CRL databases storing at least one 
individually identifiable revoked digital certificate (Kocher, Abstract, col. 3, lines 15-18). 

Kocher does not explicitly disclose a CRL access user interface for providing a uniform 
set of APIs for users accessing the CRLs in the CRL database,' said system enabling 
consolidation and access of the certificate revocation lists (CRLs) from the plurality of certificate 
authorities (CAs). Lee discloses providing user interface for users to access databases (Lee, col. 
19, line 10 - col. 20, line 65). Therefore, it would have been obvious to one of ordinary skill in 
the art at the time the invention v/as made to combine Lee with Kocher in order to provide user 
access to the database. 

As per claim 2, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, and fiarther disclose said plurality of CRL databases include a central CRL database and 
a plurality of CRL replication databases, said central CRL database for storing the consolidated 
CRLs from the multiple CRT, retrieval agents, and said plurality of CRL replication databases 
for storing the replications of the CRLs of the central CRL database (Kocher, Abstract, col. 2, 
lines 17-31, col. 3, lines 15-18; Lee, col. 20, lines 16-19). 

As per claim 4, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, and further disclose said plurality of CRL retrieval agents include a HTTP/CRL retrieval 
agent, for periodically retrieving CRLs from specified HTTP servers and updating the CRL 
database (Kocher, col. 1, line 19 - col. 2, line 67). 

As per claim 6, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, and fiirther disclose said plurality of CRL retrieval agents include a Http retrieval agent 
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triggered by a HTTP request, said Http receiver agent verifies an authorization of the requester, 
if successful, said agent stores each transmitted CRL in the CRL databases (Kocher, col. 3, line 1 
- col. 4, line 56). 

As per claim 7, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, and further disclose said plurality of CRL retrieval agents further verifies the integrity 
and the authenticity of the retrieved CRLs (Kocher, col. 3, line 1 - col. 4, line 56). 

As per claim 8, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, and further disclose a particular repHcation architecttire is used among said plurality of 
CRL databases in order to maintain database consistency (Lee, col. 20, lines 15-26). 

As per claim 10, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, and further disclose said system is also adapted for consoUdating and accessing at least 
one kind of black list (Kocher, col. 3, line 1 - col. 4, line 56). 

Claims 1 1-12 are rejected on grounds corresponding to the reasons given above for 
claims 1-2. 

As per claim 13, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 11, and further disclose said method is also adapted for consolidation and accessing all 
kinds of black lists (Kocher, col. 3, line 1 - col. 4, line 56). 

As per claim 14, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 11, and further disclose an article of manufacUire comprising a computer usable medium 
having computer readable program code means embodied therein for causing certificate 
revocation list (CRL) consolidation and access, the computer readable program code means in 
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said article of manufacture comprising computer readable program code means for causing a 
computer to effect the steps of claim 1 1 (Kocher, col. 1, line 1 - col. 4, line 56). 

As per claim 15, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 11, and further disclose a computer program product comprising a computer usable 
medium having computer readable program code means embodied therein for causing certificate 
revocation list (CRL) consolidation and access, the computer readable program code means in 
said computer program product comprising computer readable program code means for causing a 
computer to effect the steps of claim 1 1 (Kocher, col. 1, line 1 - col 4, line 56). 

As per claim 16, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 11, and further disclose a program storage device readable by machine, tangibly 
embodying a program of instructions executable by the machine to perform method steps for 
certificate revocation list (CRL) consolidation and access, said method steps comprising the 
steps of claim 1 1 (Kocher, col. 1, line 1 - col. 4, line 56). 

Claim 17 is rejected on grounds corresponding to the reasons given above for claim 1. 

Claim 18 is rejected on grounds corresponding to the reasons given above for claim 16. 

Claim 19 is rejected on grounds corresponding to the reasons given above for claim 14. 

Claim 20 is rejected on grounds corresponding to the reasons given above for claim 15. 
5. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Kocher 
(6,442,689) in view of Lee et al. ("Lee", 6,564,219) and further in view of Vesna Hassler 
("Hassler", "X.500 and LDAP security: a comparative overview". Network, IEEE, Volimie: 13 
Issue: 6, Nov.-Dec. 1999, Page(s): 54-64). 
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As per claim 3, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, except for explicitly disclosing said plurality of CRL retrieval agents include a 
LOAP/CRL retrieval agent, for periodically retrieving CRLs from specified LDAP servers and 
updating the CRL databases. Hassler discloses said plurality of CRL retrieval agents include a 
LOAP/CRL retrieval agent, for periodically retrieving CRLs from specified LDAP servers and 
updating the CRL databases (Hassler, page 54-64). Therefore, it would have been obvious to 
one of ordinary skill in the art at the time the invention was made to combine Hassler with 
Kocher and Lee in order to retrieve CRL from LDAP server. 

6. Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Kocher 
(6,442,689) in view of Lee et al. ("Lee", 6,564,219) and further in view of Kaliski, B; ("KaUski", 
"Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related 
Services", RFC 1424, Feb. 1993, pp. 1-8). 

As per claim 5, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, except for explicitly disclosing said pluraUty of CRL retrieval agents include a 
RFC1424/CRL retrieval agents, for periodically sending RFC1424/CRL retrieval request and 
receiving CRL retrieval reply. Kaliski discloses said plurality of CRL retrieval agents include a 
RFC1424/CRL retrieval agents, for periodically sending RFC1424/CRL retrieval request and 
receiving CRL retrieval reply (Kaliski, pp. 1-8). Therefore, it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to combine Kaliski with Kocher and 
Lee in order to enhance privacy for Intemet electronic mail. 
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7. Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Kocher 
(6,442,689) in view of Lee et al. ("Lee", 6,564,219) and further in view of Strellis et al. 
("Strellis", 6,304,882). 

As per claim 9, Kocher and Lee teach all the claimed subject matters as discussed in 
claim 1, except for explicitly disclosing a hub-and-spoke replication architecUire is used among 
said central CRL database and said plurality of CR.L replication databases. Strellis discloses 
disclosing a hub-and-spoke replication architecture is used among said central CRL database and 
said plurality of CR.L replication databases (Strellis, col. 10, lines 14-21). Therefore, it would 
have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine Strellis with Kocher and Lee in order to maintain the consistency among the plurality 
databases. 



8. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Curry et al. (6,128,740) disclose computer security system and method with on demand 
publishing of certificate revocation lists. 

Tumbull et al. (6,092,201) disclose method and apparatus for extending secure 
communication operations via shared list. 

Jadoul, M.; Chantrain, D.; Wuidart, A.-I.; De Smit, S.; "Access to an X.500 directory 
service via ADSI screen phones". Global Telecommunications Conference, 1997. GLOBECOM 
*97., IEEE , Volume: 3 , 3-8 Nov. 1997 Page(s): 1740 -1744 vol.3. 



Conclusion 
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9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS fi-om the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 . 
CFR 1 .1 36(a) will be calculated fi-om the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS fi-om the mailing 
date of this final action. . 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chongshan Chen whose telephone number is (703) 305-8319. 
The examiner can normally be reached on Monday - Friday (8:00 am - 4:30 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y Vu can be reached on (703)305-4393. The fax phone numbers for the 
organization where this application or proceeding is assigned are (703) 746-7239 for regular 
communications and (703) 746-7238 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703)305-3900. 
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